effeeedc63e4fe3b11f548b400de5a37dd36474db2bc4d7ecc135d8ca1f1f2b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14833395ea230080ad5aca2b6da2b710_NEIKI
Size

244KB
Sample

240507-ye9spscd2y
MD5

14833395ea230080ad5aca2b6da2b710
SHA1

b8eb74180f867d6754949b03ed2823d00e784833
SHA256

effeeedc63e4fe3b11f548b400de5a37dd36474db2bc4d7ecc135d8ca1f1f2b3
SHA512

bcb1129eb69e736ee3a2db6e5590ef1bb84182bad729e0efa265d04f95e7bca06544f7021d1f92de532d950d9fb8cdf19e09ed9262fcdca917bebeaa0b62d20e
SSDEEP

6144:UEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:hAylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  14833395ea230080ad5aca2b6da2b710_NEIKI
- Size
  
  244KB
- MD5
  
  14833395ea230080ad5aca2b6da2b710
- SHA1
  
  b8eb74180f867d6754949b03ed2823d00e784833
- SHA256
  
  effeeedc63e4fe3b11f548b400de5a37dd36474db2bc4d7ecc135d8ca1f1f2b3
- SHA512
  
  bcb1129eb69e736ee3a2db6e5590ef1bb84182bad729e0efa265d04f95e7bca06544f7021d1f92de532d950d9fb8cdf19e09ed9262fcdca917bebeaa0b62d20e
- SSDEEP
  
  6144:UEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:hAylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2